# Github-Dorks

**GitHub Dork List :**

**GitHub Dorks for Finding Files**

* filename:manifest.xml
* filename:travis.yml
* filename:vim\_settings.xml
* filename:database
* filename:prod.exs NOT prod.secret.exs
* filename:prod.secret.exs
* filename:.npmrc \_auth
* filename:.dockercfg auth
* filename:WebServers.xml
* filename:.bash\_history&#x20;
* filename:sftp-config.json&#x20;
* filename:sftp.json path:.vscode
* filename:secrets.yml password
* filename:.esmtprc password
* filename:passwd path:etc
* filename:dbeaver-data-sources.xml
* path:sites databases password
* filename:config.php dbpasswd
* filename:prod.secret.exs
* filename:configuration.php JConfig password
* filename:.sh\_history
* shodan\_api\_key language:python
* filename:shadow path:etc
* JEKYLL\_GITHUB\_TOKEN
* filename:proftpdpasswd
* filename:.pgpass
* filename:idea14.key
* filename:hub oauth\_token
* HEROKU\_API\_KEY language:json
* HEROKU\_API\_KEY language:shell
* SF\_USERNAME salesforce
* filename:.bash\_profile aws
* extension:json [api.forecast.io](http://api.forecast.io/)
* filename:.env MAIL\_HOST=[smtp.gmail.com](http://smtp.gmail.com/)
* filename:wp-config.php
* extension:sql mysql dump
* filename:credentials aws\_access\_key\_id
* filename:id\_rsa or filename:id\_dsa

**GitHub Dorks for Finding Languages**

* language:python username
* language:php username
* language:sql username
* language:html password
* language:perl password
* language:shell username
* language:java api
* HOMEBREW\_GITHUB\_API\_TOKEN language:shell

**GiHub Dorks for Finding API Keys, Tokens and Passwords**

* api\_key
* “api keys”
* authorization\_bearer:
* oauth
* auth
* authentication
* client\_secret
* api\_token:
* “api token”
* client\_id
* password
* user\_password
* user\_pass
* passcode
* client\_secret
* secret
* password hash
* OTP
* user auth

**GitHub Dorks for Finding Username**s

* user:name (user:admin)
* org:name (org:google type:users)
* in:login ( in:login)
* in:name ( in:name)
* fullname:firstname lastname (fullname: )
* in:email (data in:email)
* GitHub Dorks for Finding Information using Dates
* created:<2012–04–05
* created:>=2011–06–12
* created:2016–02–07 location:iceland
* created:2011–04–06..2013–01–14  in:username

**GitHub Dorks for Finding Information using Extension**

* extension:pem private
* extension:ppk private
* extension:sql mysql dump
* extension:sql mysql dump password
* extension:json \[api.forecast.io] (<http://api.forecast.io/>)
* extension:json \[mongolab.com] (<http://mongolab.com/>)
* extension:yaml \[mongolab.com] (<http://mongolab.com/>)
* \[WFClient] Password= extension:ica
* extension:avastlic “\[support.avast.com] ([http://support.avast.com/)”](http://support.avast.com/\)%E2%80%9D)
* extension:json googleusercontent client\_secret